RIPEMD is a family of cryptographic hash functions, meaning it competes for roughly the same uses as MD5, SHA-1 & SHA-256 do. The Wikipedia page for RIPEMD seems to have some nice things to say about it:

1 Answer
1

Initially there was MD4, then MD5; MD5 was designed later, but both were published as open standards simultaneously. MD5 had been designed because of suspected weaknesses in MD4 (which were very real !). So MD5 was the first (and, at that time, believed secure) efficient hash function with a public, readable specification. MD5 was immediately widely popular.

The original RIPEMD was structured as a variation on MD4; actually two MD4 instances in parallel, exchanging data elements at some places. RIPEMD was somewhat less efficient than MD5. Also, since it is based on MD4, there were some concerns that it shared some of the weaknesses of MD4 (Wang published collisions on the original RIPEMD in 2004). Last but not least, there is no public freely available specification for the original RIPEMD (it was published in a scientific congress but the article is not available for free "on the Web"; when I implemented RIPEMD for sphlib, I had to obtain a copy from Antoon Bosselaers, one of the function authors). So RIPEMD had only limited success.

NIST saw MD5 and concluded that there were things which did not please them in it; notably the 128-bit output, which was bound to become "fragile" with regards to the continuous increase in computational performance of computers. So they designed "SHA" with a 160-bit output, soon amended into SHA-1 (the older SHA being colloquially renamed "SHA-0"). Being backed by the US federal government is a strong incentive, and the NIST did things well, with a clear and free specification, with detailed test vectors. So SHA-1 was a success.

The authors of RIPEMD saw the same problems in MD5 than NIST, and reacted with the design of RIPEMD-160 (and a reduced version RIPEMD-128). RIPEMD-160 appears to be quite robust. However, it appeared after SHA-1, and is slower than SHA-1, so it had only limited success. The most notable usage of RIPEMD-160 is within PGP, which was designed as a gesture of defiance against governmental agencies in general, so using preferring RIPEMD-160 over SHA-1 made sense for that.

Since then the leading role of NIST in the definition of hash functions (and other cryptographic primitives) has only strengthened, so SHA-2 were rather promptly adopted, while competing hash functions (such as RIPEMD-256, the 256-bit version of RIPEMD-160, or also Tiger or Whirlpool) found their way only in niche products.

Summary: for commercial adoption, there are huge bonus for functions which arrived first, and for functions promoted by standardization bodies such as NIST.

As for the question of whether using RIPEMD-160 or RIPEMD-256 is a good idea:

RIPEMD-160 received a reasonable share of exposure and analysis, and seems robust. But its output length is a bit too small with regards to current fashions (if you use encryption with 128-bit keys, you should, for coherency, aim at hash functions with 256-bit output), and the performance is not fantastic. The usual recommendation is to stick with SHA-256, which is "the standard" and for which more optimized implementations are available.

RIPEMD-256 is a relatively recent and obscure design, i.e. it did not receive as much attention as the SHA-*, so caution is advised.

So my recommendation is: use SHA-256. You will probably not get into actual security issues by using RIPEMD-160 or RIPEMD-256, but you would have, at least, to justify your non-standard choice.